<?php include_once("common.php");
class User extends BaseEntity implements BaseOperations
{
	private $fname;
	private $lname;
	private $mname;
	private $role;
	private $login;
	private $password;
	private $salt;
	
	// PROPERTIES
	public function getFirstName(){
		return $this->fname;
	}
	
	public function setFirstName($name){
		$this->fname=$name;
	}
	
	public function getLastName(){
		return $this->lname;
	}
	
	public function setLastName($name){
		$this->lname=$name;
	}
	
	public function getMidName(){
		return $this->mname;
	}
	
	public function setMidName($name){
		$this->mname=$name;
	}
	
	public function getRole(){
		return $this->role;
	}
	
	public function setRole($role){
		$this->role=$role;
	}
	
	public function getLogin(){
		return $this->login;
	}
	
	public function setLogin($name){
		$this->login=$name;
	}
	
	public function getPassword(){
		return $this->password;
	}
	
	public function setPassword($pas){
		$this->password=$pas;
	}
	
	// METHODS
	public function GetRecordById($id)
	{
		$res = mysql_query("SELECT * FROM users WHERE id = ".$id);
		
		$f = mysql_fetch_array($res);
				
		$tmp = new User;
		$tmp->setId($f[id]);
		$tmp->setFirstName($f[fname]);
		$tmp->setLastName($f[lname]);
		$tmp->setMidName($f[mname]);
		$tmp->setRole($f[roleId]);	
		$tmp->setLogin($f[login]);

		return $tmp;
	}
	
	public function GetAllRecords()
	{
		$result = array();
			
		$res = mysql_query("SELECT * FROM users;");
		
		for ($c=0; $c<mysql_num_rows($res); $c++)
		{
			$f = mysql_fetch_array($res);
			
			$tmp = new User;
			$tmp->setId($f[id]);
			$tmp->setFirstName($f[fname]);
			$tmp->setLastName($f[lname]);
			$tmp->setMidName($f[mname]);
			$tmp->setRole($f[roleId]);	
			$tmp->setLogin($f[login]);
			
			$result[] = $tmp;
		}
		
		return $result;
	}

	public function AddNewRecord(){
		// remove specific symbols
		$log = $this->getLogin();
		$pas = $this->getPassword();
		
		$login = (isset($log)) ? mysql_real_escape_string($log) : '';
		$password = (isset($pas)) ? mysql_real_escape_string($pas) : '';
		
		// error checking
		$error = false;
		$errort = '';
		
		if (strlen($login) < 2)
		{
			$error = true;
			$errort .= 'Login should be at least 2 characters.<br />';
		}
		if (strlen($password) < 6)
		{
			$error = true;
			$errort .= 'Password should be at least 6 characters.<br />';
		}
		
		// check current login in table
		$query = "SELECT `id`
					FROM `users`
					WHERE `login`='{$login}'
					LIMIT 1";

		$sql = mysql_query($query) or die(mysql_error());
		if (mysql_num_rows($sql)==1)
		{
			$error = true;
			$errort .= 'User already exists. Please change login and try again.<br />';
		}
		
		
		// insert new data into table
		if (!$error)
		{
			// generate salt
			$n = 3;
			$this->salt = '';
			$pattern = '1234567890abcdefghijklmnopqrstuvwxyz.,*_-=+';
			$counter = strlen($pattern)-1;
			for($i=0; $i<$n; $i++)
			{
				$this->salt .= $pattern{rand(0,$counter)};
			}
			
			$hashed_password = md5(md5($password) . $this->salt);
			
			$query = "INSERT
						INTO `users`
						SET
							`login`='{$login}',
							`password`='{$hashed_password}',
							`salt`='{$this->salt}',
							`fname`='{$this->getFirstName()}',
							`lname`='{$this->getLastName()}',
							`mname`='{$this->getMidName()}',
							`roleId`='{$this->getRole()}'";
							
			$sql = mysql_query($query) or die(mysql_error());
			
			print "Account created";
			exit;
		}
		else
		{
			print '<h4>An error occured: </h4>' . $errort;
		}
	}
	
	public function UpdateRecord()
	{
		// should be implemented
	}
	
	public function RemoveRecordById($id)
	{
		// should be implemented
	}
}
?>